/**
* A Passport authentication strategy based on email/password.
*
* Login info are stored in a users collection
*
* @param userDao a service to access info related to the users
* @returns {DBStrategy}
* @constructor
*/
function DBStrategy(userDao) {
if (!(this instanceof DBStrategy)) {
console.log('DBStrategy should be used with new');
return new DBStrategy(userDao);
}
this.user = userDao;
//call super ctor
LocalStrategy.call(this, { usernameField: 'email' }, verify.bind(this));
}
/**
* Overrides LocalStrategy constructor and passes verify function to it.
*
* @param {Object} Model
* @param {Object} options
*
* @constructor
*/
function Strategy(Model, options) {
if (!Model) {
throw new Error('mongoose-strategy requires a mongoose model.');
}
options = options || {};
options.usernameField = options.usernameField || 'email';
options.passReqToCallback = false;
// looks up user by email and compare raw password to hashed password.
var verify = function(email, rawPassword, done) {
Model.findByEmail(email, function(err, user) {
if (err) {
done(err);
return;
}
if (!user) {
done(null, false, { message: 'User not found.' });
return;
}
Strategy.comparePassword(rawPassword, user.pass, function(err, isMatch) {
if (err) {
done(err);
return;
}
if (!isMatch) {
done(null, false, { message: 'Incorrect password.' });
return;
}
done(null, user);
});
});
};
LocalStrategy.call(this, options, verify);
this.name = 'mongoose';
this.Model = Model;
}
function MongoDBStrategy() {
// Call the super constructor - passing in our user verification function
// We use the email field for the username
LocalStrategy.call(this, { usernameField: 'email' }, this.verifyUser.bind(this));
// Serialize the user into a string (id) for storing in the session
passport.serializeUser(function(user, done) {
//done(null, user.userid); // Remember that MongoDB has this weird { _id: { $oid: 1234567 } } structure
done(null, user._id); // Remember that MongoDB has this weird { _id: { $oid: 1234567 } } structure
});
// Deserialize the user from a string (id) into a user (via a call to the DB)
passport.deserializeUser(this.get.bind(this));
// We want this strategy to have a nice name for use by passport, e.g. app.post('/login', passport.authenticate('mongo'));
this.name = MongoDBStrategy.name;
}
function MongooseStrategy(dbUrl, apiKey, dbName, collection) {
this.dbUrl = dbUrl;
this.apiKey = apiKey;
this.dbName = dbName;
this.collection = collection;
this.baseUrl = this.dbUrl + '/databases/' + this.dbName + '/collections/' + collection + '/';
// Call the super constructor - passing in our user verification function
// We use the email field for the username
LocalStrategy.call(this, { usernameField: 'email' }, this.verifyUser.bind(this));
// Serialize the user into a string (id) for storing in the session
passport.serializeUser(function(user, done) {
done(null, user._id.$oid); // Remember that MongoDB has this weird { _id: { $oid: 1234567 } } structure
});
// Deserialize the user from a string (id) into a user (via a cll to the DB)
passport.deserializeUser(this.get.bind(this));
// We want this strategy to have a nice name for use by passport, e.g. app.post('/login', passport.authenticate('mongo'));
this.name = MongooseStrategy.name;
}
function MongoDBStrategy(dbUrl, apiKey, dbName, collection) {
this.dbUrl = dbUrl;
this.apiKey = apiKey;
this.dbName = dbName;
this.collection = collection;
this.get = MongoDBStrategy.get;
// Call the super constructor - passing in our user verification function
// We use the email field for the username
LocalStrategy.call(this, { usernameField: 'email' }, this.verifyUser.bind(this));
// Serialize the user into a string (id) for storing in the session
passport.serializeUser(function(user, done) {
done(null, user.id);
});
passport.deserializeUser(function(id,done) {
this.get(id,done);
});
// We want this strategy to have a nice name for use by passport, e.g. app.post('/login', passport.authenticate('mongo'));
this.name = MongoDBStrategy.name;
}